Search Results

Search found 15704 results on 629 pages for 'block world'.

Page 336/629 | < Previous Page | 332 333 334 335 336 337 338 339 340 341 342 343 | Next Page >

Proxy Server suggestions

- by Jon Menefee

Here is the question I have that hopefully is not too general of a question. I have a network with approximately 25 PC's, 3 servers and 25 IP cameras. I have a firewall already on the network and it works fine for what I need, but my client is asking me if there is a way to put a Proxy server on the network to monitor where his employees are going when they surf the Internet. He is not wanting to block them (at least not thru the Proxy server), but he wants to make sure that they arent going to sites that would compromise the networked PCs. I have looked at TMG and it is a little more than what I want. I hesitate adding another firewall to the system because of the security cameras that are presently on the network (IP Cameras). I just want to put a policy in AD that would make certain Users (or Computers) use a Proxy server. Any suggestions on a good proxy server are welcome. Thank you

Read the article
Preventing my postfix to send my local users spam

- by Jack

I have a postfix/dovecot mail server with 100 different users. When they send an email they need to be authenticated. I successfully use saslauth to achieve this. Few days ago I had a problem. One specific user, probably with a virus or a spam-bot installed in its computer, started to send out through my server thousands of emails in few hours. As result, my ip has been blocked by many isp provider (@aol, @yahoo, and others) and has been listed in many blacklist, making all my 100 users unable to send any email to anyone. What is the best practice to avoid this problem? It would be great if my server could recognize a spamming user and automatically block it. Also, have a limit of, say, 30 emails per hour could be a partial solution. Any idea how to face this problem? Thank you

Read the article
Is there a way to define a rule on a bridge that will return reply for ARP request

- by user1495181

client (IP = 1.1.1.1) - bridge (brctl) - server (IP = 2.2.2.2) (all machine are Ubuntu). The client block arp request. (there are multiple clients ) I need to define a rule on the bridge machine that will return the client MAC when it get ARP request for IP 1.1.1.1. I see that in ebtables there is an arpreply option , but i didnt manage to find an example to define the arpreply by given arp request ip. ebtables -t nat -A PREROUTING -p arp -j arpreply --arpreply-mac 00:09:5B:91:56:08 Can you please adcive

Read the article
How to benchmark kernel (-Os vs -O2)

- by NightwishFan

It seems logical to me that on a 64-bit kernel compiling it to optimize for size might help overall. (My distro of choice uses -O2) It has the benefits of more registers and memory and perhaps less cache contention than normal optimized code. I have a kernel compiled like this and it seems excellent. However my question is how can I prove this? I like using Phoronix for "real world" sort of benchmarks so I would prefer to test cases like that. What should I pick to test? Does anyone else have any alternatives? Thank you very much in advance.

Read the article
Sharepoint Document Library not receiving emails

- by ria

I have created a sharepoint document library which is email enabled. However when i send email to the designated email address from anywhere, i dont receive the email & attachment in the list. I have done some R&D and i hv found that in order to receive email from anywhere i have to expose my DNS of the sharepoint site to the outside world. Now i dont know whether it applies to the email address designated to me in the Active directory profile as well (my company domain email address). How to test that this email reception is working in the document library? I have tried sending an email from the sharepoint site and it works fine so the SMTP settings are correctly done.

Read the article
In 2011, what are the reasons to stick with plain text mails?

- by Aaron Digulla

People entering college today have never known a world without an Internet. HTML was invented 1980, that's more than thirty years ago or 1.5 generations. But plain text mails are still common despite all their problems: Encoding issues Wrapped code segments No links No way to use the "a picture says more than a thousand words" lore Most of the security risks are now handled by the underlying browser engine and smart settings like: Don't allow JavaScript in mails Don't execute attachments Don't download external resources (like web bugs) On top of that, only very few people still read mail only in command line tools like Mutt. Knowing Mutt myself, I'm pretty sure you can configure it to display HTML mail with, say, w3m. On top of that, most HTML mail capable clients send two versions of the mail (pure text with an HTML attachment). I'm not sure if there are any people left on the planet which still use a 56kbit modem to access their mail accounts. So what reasons are left to stick with plain text mails in 2011?

Read the article
Lighttpd referer issue

- by Chris

I have a problem to block files from accessing from different domains as my one. I have added to my lighty config in the "virual host" following: $HTTP["referer"] !~ "^($|http://www\.my-site\.net)" { url.access-deny = ( "" ) } but anyway the site www.example.com can access http://player.my-site.net/player.swf, also it can be accessed directly without a referrer. any idea? //EDIT here is my old apache .htaccess with a rewrite rule thats works perfect, but i dont know how to convert it for lighty: RewriteEngine on RewriteBase / RewriteCond %{HTTP_REFERER} !^http://my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://www\.my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://player\.my-site\.net/ [NC] RewriteCond %{HTTP_REFERER} !^http://stream\.my-site\.net/ [NC] RewriteRule .* - [L,R=404]

Read the article
Organize code in Chef: libraries, classes and resources

- by ColOfAbRiX

I am new to both Chef and Ruby and I am implementing some scripts to learn them. Now I am facing the problem of how to organize my code: I have created a class in the library directory and I have used a custom namespace to maintain order. This is a simplified example of my file: # ~/chef-repo/cookbooks/mytest/libraries/MyTools.rb module Chef::Recipe::EP class MyTools def self.print_something( text ) puts "This is my text: #{text}" end def self.copy_file( dir, file ) cookbook_file "#{dir}/#{file}" do source "#{dir}/#{file}" end end end end From my recipe I call both methods: # ~/chef-repo/cookbooks/mytest/recipes/default.rb EP::MyTools.print_something "Hello World!" EP::MyTools.copy_file "/etc", "passwd" print_something works fine, but with copy_file I get this error: undefined method `cookbook_file' for Chef::Recipe::EP::FileTools:Class It's clear to me that I don't know how to create libraries in Chef or I don't know some basic assumptions. Can anyone help me, please? I am looking for a solution of this problem (organize my code, libraries, use resources in classes) or, better, a good Chef documentation as I find the documentation very deficient in clarity and disorganized so that research through it is a pain.

Read the article
MediaPortal crash when scanning my TV Channels

- by Martin Ongtangco

I tried installing MediaPortal on my old system. I installed & tried both beta & stable releases: Here's the old system specs: Windows XP SP3 512MB DDR 80GB IDE K-World PVR-TV7131 Analog TV-Tuner Inno3d FX5500 128MB 64bit When scanning through the TV-Server, it crashes. I don't know if the incompatibility comes from the hardware or the OS, but my TV Tuner's own Media center app works well. For now, that's what im using. Anyone here familiar with MediaPortal? Thanks!

Read the article
Limiting and redirect port access with useragent

- by linuxcore

I'm trying to write iptables string match rule To block http://domain.com:8888 and https://domain.com:8888 when it matches the supplied string in the rule. And another rule to redirect the ports also from 8888 to 7777 I tried following rules but unfortunately didn't work iptables -A INPUT -p tcp -s 0.0.0.0/0 -m string --string linuxcore --algo bm --sport 8888 -j DROP iptables -t raw -A PREROUTING -m string --algo bm --string linuxcore -p tcp -i eth0 --dport 8888 -j DROP iptables -t nat -A PREROUTING -p tcp --dport 8888 -m string --algo bm --string "linuxcore" -j REDIRECT --to-port 7777 iptables -A INPUT -t nat -p tcp --dport 8888 -m string --algo bm --string "linuxcore" -j DROP I want to do this from iptables not the webserver because the server may not have a webserver and those ports are working on internal proxy or something like ..etc

Read the article
Binding services to localhost and using SSH tunnels - can requests be forged?

- by Martin

Given a typical webserver, with Apache2, common PHP scripts and a DNS server, would it be sufficient from a security perspective to bind administration interfaces like phpmyadmin to localhost and access it via SSH tunnels? Or could somebody, who knew eg. that phpmyadmin (or any other commonly availible script) is listening at a certain port on localhost easily forge requests that would be executed if no other authentication was present? In other words: could somebody from somewhere in the internet easily forge a request, so that the webserver would accept it, thinking it originated from 127.0.0.1 if the server is listening on 127.0.0.1 only? If there were a risk, could it be somehow dealt with on a lower level than the application, eg. by using iptables? The idea being, that if someone found a weakness in a php script or apache, the network would still block this request because it did not arrive via a SSH-tunnel?

Read the article
Apache - Restrict to IP not working.

- by Probocop

Hi, I've a subdomain that I only want to be accessible internally; I'm trying to achieve this in Apache by editing the VirtualHost block for that domain. Can anybody see where I'm going wrong? Note, my internal IP address here are 192.168.10.xxx. My code is as follows: <VirtualHost *:80> ServerName test.epiphanydev2.co.uk DocumentRoot /var/www/test ErrorLog /var/log/apache2/error_test_co_uk.log LogLevel warn CustomLog /var/log/apache2/access_test_co_uk.log combined <Directory /var/www/test> Order allow,deny Allow from 192.168.10.0/24 Allow from 127 </Directory> </VirtualHost> Thanks

Read the article
Error while mounting home directory on different logical volume

- by RCola

I created RAID 5 form 3 hard drives. Formatted as ext4 this raid array. Created VG0 group and lv_home logical volume in LVM. Then I tried to mount default /home directory on lv_home, while trying to mount logical volume lv_home to folder containing user profiles /home, getting error: mount: wrong fs type, bad option, bad superblock on /dev/mapper/VG0-lv_home next is seems to be symbolic link: # file -s /dev/VG0/lv_home /dev/VG0/lv_home: symbolic link to `../mapper/VG0-lv_home' then # file -s /dev/mapper/VG0-lv_home /dev/mapper/VG0-lv_home: data and lvm> pvs PV VG Fmt Attr PSize PFree /dev/md0 VG0 lvm2 a- 2.02g 68.00m lvm> lvdisplay --- Logical volume --- LV Name /dev/VG0/lv_home VG Name VG0 LV UUID WzJus7-2yV8-yhog-Ju1b-TpWH-IIAI-LIutwe LV Write Access read/write LV Status available # open 0 LV Size 1.17 GiB Current LE 300 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 251:0

Read the article
Standalone server setup for compute capacity

- by mikera

I'm developing an application for my company that will require a lot of compute capacity (running some very big mathematical calculations), and looking for some form of server setup to do this. For various reasons, we want to run this on-site in our office rather than hosting it externally. It's been a while since I last had to set up my own servers so I thought I would tap into the collective wisdom of serverfault! My broad requirements are: Budget $30-50k, with an aim to get as much compute capacity as possible for that budget 64-bit servers suitable to run Ubuntu Linux + Java Some relatively standalone rack that can be installed in secure office space Fast/low latency network connections between the servers, but don't really care about connectivity to the outside world Storage capacity shared between the servers - they don't necessarily need their own storage providing they can be booted from a common image Downtime can be tolerated (since the calculations are run in batch mode) The software itself is fault-tolerant, so there is no need for extra resiliency in the server setup (cheap replaceable commodity parts will be fine in general) Given these requirements what kind of setup would you recommend and why?

Read the article
Best way to log internet traffic for office network via remote IP

- by buzzmonkey

We have a network of about 40 machines running either Win XP or 7 in our office via LAN switches into 1 x Netgear Router (WNDR3700). We have noticed recently that our local network has been added to the CBL Blacklist due to one of our machines being infected with Torpig. I have attempted to use Kaspersky's TDSSKiller Antirootkit Utility to find the infected machine but all appear to be clear. The CBL register advises to find the local machine which is connection to the remote IP address (CBL has provided the range). However, our router does not have the ability to block remote IP addresses - does anyone know of a software which can log all the internet traffic, which we can then use to find the infected machine.

Read the article
ext4 loopback device, Buffer I/O Error on reboot

- by cvb

I am trying to mount a loopback device on my ext4 formatted ssd drive. I get these errors when I reboot on Linux kernel 2.6.38.8 Buffer I/O error on device loop1, logical block 0 Here is what I do: dd if=/dev/zero of=/mnt/s/lodev bs=4096 count=250000 mkfs.ext4 /mnt/s/lodev mount -n -o loop,rw /mnt/s/lodev /mnt/test The loopback mount is successful, but on reboot I get errors as mentioned above. Even mouting with 'sync','data=writeback' does not help. I tried to losetup a device, but see the same behavior. I also reformatted the base device and created the loopback device and mounted as above, I still see these errors. I do not see them when I format them as vfat. Appreciate any suggestions on this problem.

Read the article
Direct Access on Server 2012

- by francisswest

Scenario: Windows Server 2012 with the Remote Access role installed. IP set to static, registered DNS. 3 domain controllers, all running Server 2003 (I suspect this may be the issue) Done so far: DNS registered, firewall turned off after IPsec was applied. Able to ping all 3 DC's with no issues Problem: Going through the DA wizard generates this error. I am logged in as a domain admin, verified that I can ping the DC, verified IPsec allows me to contact it. Since this version hasnt been readily deployed yet, there isnt much help available online from what I can find. Any assistance ayone could provide would be greatly appreciated. I am still new to the server world as far as things are considered. I would fit, user wise, between Superuser.com and serverfault.com (junior admin) Thanks to anyone who may be able to assist!

Read the article
Disable OS X Portable Home Directories for specific hosts for all users, not just individuals?

- by Paul Nendick

Would it be possible to block any and all Portable Home Directory services for specific hosts? Something like MCX's "MobileAccountNeverAsk-" but for the whole workstation? We have a network with both portable and stationary machines. I'd like our users to be able to use all machines, going portable on the MacBook but not being bothering with syncing when logged into stationary iMacs or Mac Pros. The Open Directory servers are running Snow Leopard (for now) and all clients are running Lion. Thanks! Paul

Read the article
Hardware for Capturing Packets

- by Kevin

One of my clients is a small school district in Texas. Like any school, they often have problems with network'd peripherals such as printers, et al. It would be nice to be able to simply "listen" to what the printer and PC are saying to each other (or not saying more importantly)... The problem is that I can't find old-style "hubs" anymore, and even if I could, it's not a long-term solution. All of the devices that I have found to replicate the purpose of a simple hub are either $100+ or are difficult to throw into a networking tool kit (aka my backpack)... Now that hubs are dead, what's the new low-cost standard for simple packet capture in the networking world?

Read the article
Process vsserv.exe attempts connection to unknown host (clients.your-server.de)

- by pushpraj

from past few day I notice a new connection is being made from my system, I discovered it within the outpost firewall, it is blocked by default with the reason Block Transit Packets in the image above you can see that the process vsserv.exe is attempting a connection to static.88-198-155-41.clients.your-server.de I tried to search on google but could not find any relevant info, however this link http://www.webmasterworld.com/search_engine_spiders/3963600.htm says that your-server.de hosts bad bots. I am bit concerned if something is not correct. Could you help me understand the same?

Read the article
Home Directory Folders

- by George

I am looking for a way to acomplish the following: Currently users have home drives mapped via AD profile as follow: \\fileserver\users\username However if once a user was able to access \\fileserver\users and view everyones folder, but had no access to them. This is not ideal since we have people saving important stuff to on their drives. How can I restrict users permissions and views only to THEIR home drives? I also saw this solution, but not sure if it would apply to me: ================================================================================ Share level permissions - Everyone full permission and remove all others On the file/folder level set the following: Authenticated users special permissions on the root of the \\server\homeshare\ to Check the boxes next to the following: Traverse folder / execute file List Folder / read data Read attributes Read extended attributes / List item All other boxed leave unchecked and make sure you apply "This Folder Only" Domain Adminsfull rights and apply “this folder, subfolders, and files” This will block the users from accessing other user home directories. When you create the new user and set the home directory it will create the folder for you with the correct permissions.

Read the article
What is a descriptive name for a web service that responds with plain text?

- by Rich Shealer

I'm looking for the proper name for a web service that responds with text as opposed to XML. As an example this "cardServer" service will return 5 cards for a poker hand. http://hostname:8080/cardServer/deal/Game=Poker&Qty=5 The result could look like this: Card1=Ad Card2=Kc Card3=Ts Card4=5d Card5=3d The real world example is not as trivial, but the concept is the same. Parameters if any are passed as POST variables. We currently parse the response into a string list and use the values. The process works just fine. What I'm wondering if this service method has a name that has easier tools to deal with the responses and therefore did we reinvent the wheel? For the record the service was provided and maintained by a customer.

Read the article
Why would the servers network type change from Private to Public?

- by Phil Hannent

Just found a fault with a server, other users have had problems connecting to it. The setting on the network card had changed from Private (domain) network to Public (the other option being Home). The switch to the network interface would have caused the firewall to block a lot of normal functions. I am guessing that since the event log showed no reason for the change that it might be due to a complete shutdown we had recently where someone powered up the machines, however the domain controllers might not have been booted up first. Any confirmation that this might be the case?

Read the article
iptables, allow access from certain MAC addresses

- by user788171

Presently, I limit which clients can access my server by using IP addresses via iptables, only approved IP addresses can connect. However, the problem with this is if a client is on a laptop and goes to a different location, they can no longer connect because the IP has changed. For a variety of reasons, iptables authentication is the only option I have. Is there a way to restrict access by device instead of ip address. For instance, only allow certain MAC address to connect to port 5000. Is it possible to do this via iptables? Note, the computers are not on the same network, they could be connecting from anywhere in the world.

Read the article
How to force or redirect to SSL in nginx?

- by Callmeed

I have a signup page on a subdomain like: https://signup.mysite.com It should only be accessible via HTTPS but I'm worried people might somehow stumble upon it via HTTP and get a 404. My html/server block in nginx looks like this: html { server { listen 443; server_name signup.mysite.com; ssl on; ssl_certificate /path/to/my/cert; ssl_certificate_key /path/to/my/key; ssl_session_timeout 30m; location / { root /path/to/my/rails/app/public; index index.html; passenger_enabled on; } } } What can I add so that people who go to http://signup.mysite.com get redirected to https://signup.mysite.com ? (FYI I know there are Rails plugins that can force SSL but was hoping to avoid that)

Read the article

< Previous Page | 332 333 334 335 336 337 338 339 340 341 342 343 | Next Page >